23.7 Legacy Series / Unbound custom query forwarding to domain using WAN IP
« on: October 31, 2023, 10:48:37 pm »
I recently upgraded to 23.7.7_3 and was setting up IPv6 when I noticed that my custom forwarding of my domain from Unbound to BIND is no longer working. I undid all the IPv6 configuration hoping to find the problem. Eventually, I found in the firewall logs that Unbound is using the WAN IP to connect to BIND at 127.0.0.1:53530.
Once I changed the listening interface of BIND to the WAN IP, added it to the ACL, and set the Unbound query forwarding to WAN_IP:53530, everything started working again.
I don't know what IP address it was using before, but since it was working, I assume it was 192.168.x.1 or 127.0.0.1.
My BIND is listening on 192.168.1.1, 192.168.2.1, and 127.0.0.1, port 53530.
Unbound is currently using interfaces LAN and OPT1. Query forwarding for my domain is 127.0.0.1:53530. I also tried 192.168.1.1:53530.
Is this normal? Is there anything I can do to make it use an internal IP address?
EDIT: Attached screenshots. In the third screenshot (the firewall), the top entry going to 127.0.0.1:53530 does not work (SERVFAIL), same with 192.168.1.1; the bottom one does work.
EDIT2: Just tried using Dnsmasq instead and it works.